Method and Apparatus for Direct Communication Key Establishment

1. A method, performed by a User Equipment device (UE) for obtaining a key for direct communication with a device over an air interface, the method comprising: storing a transaction identifier acquired from a Bootstrapping Server Function (BSF) in a Generic Bootstrapping Architecture (GBA) procedure during a previous session; initiating a new session with a device by sending the transaction identifier to the device and requesting key generation for direct communication with the device, the transaction identifier being no longer valid when it is sent to the device; receiving from the device a device identifier and key generation session; deriving a session shared key from at least the key generation information; and deriving a direct communication key from at least the session shared key and the device identifier.

2. A method as claimed in claim 1 , wherein the invalid transaction identifier is used as an identifier of the UE.

3. A method as claimed in claim 1 , wherein the air interface comprises a Proximity Services (ProSe) interface.

4. A method as claimed in claim 1 , further comprising discovering the device through a discovery procedure.

5. A method as claimed in claim 1 , wherein the UE further sends a direct communication element identifier, direct key set identifier (DKSI) a list of security algorithms supported by the UE, and a nonce generated by the UE, to the device.

6. A method as claimed in claim 5 , further comprising receiving a Message Authentication Code (MAC) with the device identifier and key generation information, wherein the MAC is generated using the direct communication key or a key derived from the direct communication key.

7. A method as claimed in claim 6 , further comprising receiving the DKSI, lifetime, at least one security algorithm chosen by the device from the list of security algorithms, said list of security algorithms supported by the UE and a nonce generated by the device together with the MAC, device identifier and key generation information.

8. A method as claimed in claim 1 , wherein the UE cannot initiate another GBA bootstrapping procedure.

9. A method as claimed in claim 1 , wherein the UE does not comprise a valid shared secret with a Bootstrapping Server Function (BSF).

10. A method, performed by a device, for obtaining a key for direct communication with a User Equipment device (UE) over an air interface, the method comprising: during an initiation of a new session, receiving from the UE an invalid transaction identifier and a request to obtain a direct communication key, the invalid transaction identifier being associated with a Generic Bootstrapping Architecture (GBA) procedure performed by the UE during a previous session; sending to a Direct Communication Element the invalid transaction identifier and a device identifier, and requesting the Direct Communication Element to provide the device with the direct communication key; and receiving the direct communication key and key generation information from the Direct Communication Element; and sending the key generation information and the device identifier to the UE.

11. A method as claimed in claim 10 , wherein the invalid transaction identifier is used as an identifier of the UE.

12. A method as claimed in claim 10 , wherein the air interface comprises a Proximity Services (ProSe) interface, and the Direct Communication Element comprises at least one of ProSe Function, a ProSe Key Management Function or a ProSe Key Management Server.

13. A method as claimed in claim 10 , further comprising discovering the UE through a discovery procedure.

14. A method as claimed in claim 10 , wherein the device further receives from the UE a direct communication element identifier, a direct key set identifier (DKSI) a list of security algorithms supported by the UE and a nonce generated by the UE.

15. A method as claimed in claim 14 , wherein the device further sends to the UE the DKSI, a lifetime, at least one security algorithm chosen from the list of security algorithms supported by the UE, said list of security algorithms supported by the UE and a nonce generated by the device.

16. A method, performed by a Direct Communication Element, for establishing a key for direct communication over an interface between a User Equipment device (UE) and a device, the method comprising: receiving from the device an invalid transaction identifier, a device identifier, and a request to provide a direct communication key to the device, the invalid transaction identifier associated with a Generic Bootstrapping Architecture (GBA) procedure performed during a previous session associated with the UE; determining that the invalid transaction identifier is invalid; using the invalid transaction identifier to identify the UE; sending a request to a bootstrapping server function (BSF) for key generation information and a session shared key from, and receiving said key generation information and session shared key from the BSF; deriving a direct communication key from at least the session shared key and the device identifier; and sending the direct communication key and the key generation information to the device.

17. A method as performed in claim 16 , wherein using the invalid transaction identifier to identify the UE comprises the direct communication element matching the invalid transaction identifier with a stored transaction identifier from a previous Generic Bootstrapping Architecture procedure.

18. A method as claimed in claim 17 , further comprising mapping the invalid transaction identifier matched to the stored transaction identifier to a public UE identifier and sending the public UE identifier to the BSF.

19. A method as claimed in claim 16 , wherein the interface comprises a Proximity Services (ProSe) interface, and the Direct Communication Element comprises at least one of a ProSe Function, a ProSe Key Management Function or a ProSe Key Management Server.

20. A method as claimed in claim 16 wherein the device comprises at least one of: a UE; and a UE-to-Network Relay.

21. A method as claimed in claim 16 , wherein the key generation information comprises Generic Bootstrapping Architecture Push Information (GPI) and the transaction identifier is a bootstrapping transaction identifier (B-TID).

22. A system for securing direct communication between devices over an interface, the system comprising: a User Equipment device (UE); a device in direct communication with the UE; and a direct communication element in communication with the device; wherein the UE is operable to send an invalid transaction identifier to the device, the invalid transaction identifier acquired from a Bootstrapping Server Function (BSF) in a Generic Bootstrapping Architecture (GBA) procedure during a previous session, wherein the device is operable to send the invalid transaction identifier to the direct communication element, wherein the direct communication element is operable to identify the UE based on the invalid transaction identifier, obtain a session shared key and Generic Bootstrapping Architecture Push Information (GPI), derive a direct communication key from at least the session shared key, and send the direct communication key and the GPI to the device, wherein the device is operable to send the GPI to the UE, and and wherein the UE is operable to derive the session shared key from at least the GPI and to derive the direct communication key from the session shared key.

23. A non-transitory computer-readable storage medium storing instructions which, when run on a computer, causes the computer to: store a transaction identifier acquired from a Bootstrapping Server Function (BSF) in a Generic Bootstrapping Architecture (GBA) procedure during a previous session; initiate a new session with a device by sending the transaction identifier to the device and requesting key generation for direct communication with the device, the transaction identifier being no longer valid when it is sent to the device; receive from the device a device identifier and key generation information; derive a session shared key from at least the key generation information; and derive a direct communication key from at least the session shared key and the device identifier.